Home
Crypto News
Biggest ICO Rug Pulls and Scams in Crypto History Ranked

Biggest ICO Rug Pulls and Scams in Crypto History Ranked

Crypto Regulation & Policy Press Release Expert

Published 2026-05-13

Updated 2026-05-13

Biggest ICO Rug Pulls and Scams in Crypto History Ranked

The History of Crypto Fraud: Learning From the Biggest Losses

Understanding the patterns behind the biggest crypto scams in history is the most efficient way to develop fraud-detection instincts. These events — from billion-dollar Ponzi schemes to 60-second rug pulls — share identifiable warning signals that, in hindsight, were detectable before investors lost their money.

The Biggest Crypto Scams Ranked by Estimated Losses

Scam / Event	Type	Year	Estimated Loss	Key Signal
OneCoin	Ponzi / fake crypto	2014–2019	$4–$15B	No real blockchain; fake token sales
FTX / Alameda	Exchange fraud / misappropriation	2022	$8B+ user funds	Custodial exchange risk; no audit
BitConnect	Ponzi / fake lending	2016–2018	$2.5B+	Guaranteed 1%/day = impossible
Thodex	Exchange exit scam	2021	$2B	Custodial; unregulated exchange
Ronin Bridge (Lazarus Group)	Hack / exploit	2022	$625M	Centralized bridge validators
Anubis DAO	Rug pull / ICO	2021	$60M	Anonymous team; single wallet control
Centra Tech	ICO fraud	2017	$32M	Fake partnerships; paid celebrities
Squid Game Token	Rug pull / honeypot	2021	$3.4M	Anti-sell mechanism (detectable)
Evolved Apes NFT	NFT rug pull	2021	$2.7M	Anonymous developer; no escrow
Frosties NFT	NFT rug pull	2022	$1.3M	Anonymous team; instant post-mint exit

The Warning Signals Present in Every Major Scam

Mapping these fraud events against detectable red flags:

Warning Signal	Present In	Detection Method
Anonymous or unverifiable team	Squid Game, Evolved Apes, Frosties, Anubis DAO	LinkedIn + reverse image search (15 min)
Guaranteed extraordinary returns	OneCoin, BitConnect	Basic math — no legitimate instrument guarantees 1%/day
Anti-sell mechanism	Squid Game token	honeypot.is (2 min)
Single-signer fund control	Anubis DAO, Evolved Apes	BSCScan wallet analysis (5 min)
Unverifiable claimed partnerships	Centra Tech	Direct verification with claimed partners (10 min)
No real blockchain / product	OneCoin	GitHub check + testnet verification (10 min)

The Red Flag That Predicted All Major Rug Pulls

Without exception, every case in this list involved one of: anonymous leadership, fake credentials, or detected but ignored technical red flags. The Squid Game token's anti-sell mechanism was flagged by multiple Twitter accounts and CoinMarketCap itself before the collapse — investors proceeded anyway due to FOMO. The lesson: red flags don't expire because a project is getting attention; they become more important the more attention a project gets.

Glossary

Ponzi Scheme: A fraud paying returns to existing investors using new investors' money, not genuine profit.
Exit Scam: A project that accepts investor funds and then disappears without delivering the promised product or service.
Anti-Sell Mechanism: A smart contract function preventing token holders from selling — a confirmed indicator of honeypot fraud.
White Hat: A security researcher who exploits vulnerabilities to reveal them rather than steal — the Poly Network hacker claimed this motive.

Disclaimer

This historical analysis is for educational purposes. Fraud detection methods are not foolproof — sophisticated scams continue to evolve. Not financial advice.

Previous Next

Yara Fernandez Crypto Regulation & Policy Press Release Expert

521+ articles

1 Year experience

Regulation specialty

Yara Fernandez dives into NFT drops, Latin American crypto art, and GameFi projects that bridge culture and blockchain. As a respected name in crypto journalism, she delivers valuable insights on NFT and Web3 topics from around the world. Her work blends deep research with simplicity, making it easy for readers to understand the fast-moving world of crypto. She focuses on topics related to NFT and Web3 reporting and regularly covers emerging trends, technology updates, and community stories.

Read All Articles By Yara Fernandez

✍️ WHAT'S YOUR OPINION?

Your Name

Your Opinion

Frequently Asked Questions

Have questions? We have answers!

What was the largest crypto scam in history by money lost?

OneCoin is widely considered the largest crypto scam in history, estimated to have defrauded investors of $4-15 billion globally between 2014-2019. OneCoin was not a real cryptocurrency — it had no actual blockchain, no real mining, and no genuine exchange. It operated as a Ponzi scheme using MLM (multi-level marketing) distribution, promising extraordinary returns to investors who bought cryptocurrency 'packages.' Founder Ruja Ignatova ('Cryptoqueen') disappeared in 2017 and is on the FBI's most-wanted list. The scale and duration of OneCoin exceeded any other crypto fraud and predates most blockchain regulations that might have detected it earlier.

What was BitConnect and how did it defraud investors?

BitConnect operated from 2016-2018 as a 'lending platform' promising 1% daily returns (approximately 3,700% annually) through a purported 'trading bot.' Structure: investors exchanged Bitcoin for BitConnect Coin (BCC); loaned BCC back to BitConnect in exchange for guaranteed daily profits; BCC could theoretically be sold on exchanges. The fraud: no trading bot existed; returns were paid from new investor capital (Ponzi structure); BCC's price was artificially maintained through market manipulation. Collapse: Texas and North Carolina cease-and-desist orders in January 2018 triggered a panic; BitConnect shut down in days; BCC fell from $430 to pennies; estimated losses exceeded $2.5 billion. The BitConnect collapse is used as the textbook example of a crypto Ponzi scheme.

What was the Squid Game token rug pull?

Squid Game (SQUID) token launched in October 2021 capitalizing on the Netflix series' global popularity. The fraud: SQUID price rose from $0.01 to $2,861 in days (over 75,000× gain); the token had an anti-sell mechanism — buyers could not sell without first purchasing 'Marble' tokens; when the price peaked, developers withdrew approximately $3.38 million in liquidity, dropping the price to near zero in seconds. CoinMarketCap had placed price warnings on the token; multiple media outlets had reported suspicious activity. Despite these warnings, thousands of investors were caught. Lesson: anti-sell mechanisms visible in token contracts are confirmed fraud — Token Sniffer would have detected this in 2 minutes.

What was the Thodex exchange collapse and how did it affect investors?

Thodex was a Turkish cryptocurrency exchange that collapsed in April 2021. Founder Faruk Fatih Özer fled Turkey with an estimated $2 billion in user funds before trading was suspended with no warning. The collapse left approximately 400,000 affected users unable to access their crypto assets. Özer was extradited to Turkey in 2022 and received a sentence of 11,196 years for organized crime, fraud, and money laundering — one of the largest fraud sentences in Turkish history. The Thodex collapse illustrates a risk distinct from presale scams: custodial exchange risk — assets held on exchanges are subject to exchange insolvency or fraud, not just smart contract vulnerabilities.

What were the biggest DeFi rug pulls and what made them different from ICO scams?

Notable DeFi rug pulls: SushiSwap Chef Nomi — the anonymous founder of SushiSwap (Uniswap fork) sold approximately 40,000 ETH ($14M) from the developer fund in September 2020, causing massive price decline; notably returned the funds after community outcry. Meerkat Finance (BSC, 2021) — $31M exploited on day 1 of launch, later claimed to be a 'test.' Anubis DAO (ETH, 2021) — raised 60 million USD in ETH, all funds transferred to a single wallet 20 hours after launch; $60M loss. DeFi rug pulls differ from ICO scams: they happen after token listing (not just before); smart contract exploits vs team-controlled theft; and on-chain visibility makes attribution easier but recovery remains difficult.

What was the Evolved Apes NFT rug pull and what does it illustrate about NFT project risk?

Evolved Apes launched as a 10,000-piece NFT collection in September 2021 with promises of a fighting game. Within a week of selling out, developer 'Evil Ape' disappeared with approximately $2.7 million in ETH from the development fund. The Discord was abandoned, the website went down, and no game was ever developed. Lessons for NFT presale investors: anonymous project teams are extreme risk factors; 'roadmap promises' without escrow or smart contract enforcement can be abandoned without consequence; community fund wallets with single-signer control are theft-ready structures; and the NFT boom created thousands of similar projects with identical fraud playbooks. The Evolved Apes pattern repeated dozens of times in 2021-2022.

What is the Centra Tech ICO fraud and what legal precedent did it set?

Centra Tech raised $32 million in an ICO in 2017 claiming to offer a crypto-backed debit card with Visa and Mastercard partnerships that didn't exist. Founders Sam Sharma and Robert Farkas paid Floyd Mayweather and DJ Khaled for endorsements without disclosure. Both celebrities subsequently settled with the SEC for undisclosed promotional payments. Founders were arrested, convicted of securities fraud, and sentenced to prison. Legal precedent: Centra Tech was an early case establishing that: paid celebrity crypto promotions without disclosure are securities law violations; celebrity endorsement alone is not quality validation; and SEC will pursue both project founders AND promoters in ICO fraud cases.

What was the Frosties NFT rug pull and why was it significant?

Frosties sold 8,888 NFTs for approximately $1.3 million in January 2022, promising an upcoming play-to-earn game, exclusive airdrops, and other community benefits. Within hours of selling out, founders 'Ethan Nguyen' and 'Andre Llacuna' transferred all funds and abandoned the project. FBI arrested both in March 2022 — one of the first criminal prosecutions specifically for NFT rug pulls in the US. Significance: the Frosties case established that NFT rug pulls constitute criminal wire fraud and conspiracy under US law; the founders received 15-month prison sentences; and the case signaled that 'anonymous team' protection in NFT fraud is weaker than the perpetrators assumed — blockchain forensics and exchange KYC data enabled rapid identification.

What lessons do the biggest crypto scams teach about red flag detection?

Red flags present in virtually every major crypto scam: anonymous or unverifiable team (OneCoin used a fake photo of 'Ruja Ignatova' for months; Squid Game team was anonymous; Evolved Apes developer was pseudonymous); guaranteed extraordinary returns (BitConnect's 1%/day promise mathematically impossible from trading; OneCoin's compound return claims defied economic logic); anti-sell mechanisms (SQUID token literally prevented selling — detectable in 2 minutes); funds in single-signer team wallets (Anubis DAO, Evolved Apes — all funds controlled by one unidentified wallet); and pressure tactics / artificial scarcity (many NFT rug pulls sold out in hours to prevent adequate due diligence time).

How have blockchain analytics firms helped recover funds from rug pulls?

Blockchain analytics and recovery: Chainalysis, Elliptic, and CipherTrace can trace funds from rug pulls through complex transaction patterns; exchange KYC data provides identity when thieves cash out at regulated exchanges; law enforcement partnerships have become more sophisticated since 2020; and multi-jurisdictional cooperation has improved. Recovery success rate: very low — most stolen crypto is converted to privacy coins (Monero), bridged across multiple chains, or withdrawn through unregulated exchanges in non-cooperating jurisdictions. High-profile recovery exceptions: Axie Infinity's Ronin hack ($625M) — partial recovery through exchange freezes and law enforcement action; FTX bankruptcy — ongoing recovery proceedings for institutional creditors. Individual retail investors typically recover nothing from completed rug pulls.

What is the difference between a planned exit scam and a project that fails legitimately?

Distinguishing planned fraud from legitimate failure: Planned exit scam indicators — team disappears suddenly and simultaneously; official channels (website, social media, Telegram) all go offline at the same time; team wallet drains all funds in a single transaction; and no prior communication about project challenges. Legitimate project failure indicators — team communicates about challenges even as they develop; development slows visibly in GitHub before official announcement; partial refunds or token buybacks attempted (if liquidity allows); and founders remain identifiable and accountable even as the project winds down. Grey area: teams that raise funds, make genuine effort, then abandon due to market conditions or technical failure are not necessarily fraudulent but represent failed investments.

What happened to the founders of major ICO scams and what does it tell us about accountability?

Fraud founder accountability outcomes: OneCoin's Ruja Ignatova — remains fugitive on FBI most-wanted list (2026); brother convicted and cooperating with authorities. BitConnect founder Satish Kumbhani — indicted in 2022; charged with wire fraud conspiracy, market manipulation, and money laundering; remains fugitive. Centra Tech founders — convicted, imprisoned, fines imposed. Thodex's Özer — extradited and sentenced to 11,196 years in Turkey. Frosties founders — arrested, prosecuted, sentenced to 15 months. Pattern: doxxed founders face legal consequences; anonymous founders often escape accountability. This reinforces why anonymous team detection is the most critical presale safety check — legal consequences are the primary deterrent for fraud, and anonymous teams eliminate this deterrent entirely.

What was the largest amount recovered from a crypto rug pull or scam?

Largest crypto fraud recoveries: Axie Infinity Ronin hack ($625M stolen) — US Treasury sanctions on North Korean Lazarus Group enabled partial freezing; approximately $30M in USDC frozen by Circle; ongoing recovery efforts; Bitfinex hack (2016, $72M initially) — $3.6B seized by DOJ in 2022 from couple who had laundered proceeds; Poly Network hack ($611M, 2021) — hacker voluntarily returned all funds claiming it was a 'white hat' action (most unusual recovery); FTX collapse ($8B+ missing) — ongoing bankruptcy proceedings with partial recovery expected over years. Complete recovery is extremely rare; the Bitfinex seizure (6 years after the hack) demonstrates that blockchain traceability enables eventual recovery even for sophisticated criminals.

Have Questions?

Our team will answer all your questions. We ensure a quick response.